Attackers actively downing Microsoft’s IIS web servers
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft’s Internet Information Services (IIS) extensible web server, SANS ISC CTO …
GitHub issues transparency report
GitHub has released its first ever transparency report. Of the 10 subpoenas for user data, GitHub has disclosed information in 7 of them, and has informed affected users about …
Exploit for crashing Minecraft servers made public
After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of …
How IT pros protect and investigate their endpoints
More organizations are operating under the assumption that their network has already been compromised, or will be, according to a survey conducted by the SANS Institute. …
Pawn Storm cyberspies still at work, target NATO and the White House
Pawn Storm, the long-standing economic and political cyber-espionage operation that has been first detailed in October 2014, continues unabated. Aiming to compromise the …
1 in 4 employees enable cloud attacks
While businesses are clearly embracing the power of cloud applications with each organization collaborating with an average of 865 other organizations – internal users, …
D-Link’s failed patch for DIR-890L router adds a new hole
Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of …
Security analytics: The key for breach detection?
Although security spending is at an all-time high, security breaches at major organizations are also at an all-time high, according to Gartner, Inc. The impact of advanced …
IBM unveils cyber threat intelligence sharing platform
IBM is making its vast library of security intelligence data available via the IBM X-Force Exchange, a new cyber threat intelligence sharing platform powered by IBM Cloud. …
HSBC Finance Corporation confirms data breach
A breach notification letter sent to the New Hampshire Attorney General’s Office by the HSBC Finance Corporation has revealed that sensitive mortgage information of …
Cisco splats router bug that can lead to persistent DoS
Cisco has patched a vulnerability that affects Cisco ASR 9000 Series Aggregation Services Routers and can be exploited by a remote, unauthenticated attacker to effectively …
Dropbox launches bug bounty, will also pay for previously reported bugs
Dropbox is the latest company to officially announce a bug bounty program set up through the HackerOne platform. While the program has been up and running for several months …
Featured news
Resources
Don't miss
- VulnRisk: Open-source vulnerability risk assessment platform
- Connected homes: Is bystander privacy anyone’s responsibility?
- Google says 2026 will be the year AI supercharges cybercrime
- Cybercriminals exploit RMM tools to steal real-world cargo
- Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware